CITS

Protecting Your Portable Devices

June 21, 2016   |  By Chris Phillips

The feature that makes portable computing and data storage devices so attractive is also their critical weakness, because it makes them so vulnerable to accidental damage, loss, or theft.  Fortunately, there are security steps you can take--some of them quite simple--that can dramatically reduce the risks of using portables.

Physically Secure Spaces

The single most important protection for any computing or storage device is keeping it in a secure physical space.  Locked doors, alarm systems, video surveillance, human guards, etc., go a long way toward securing modern offices and their contents.  When your portables are kept in an office with such protections, they are generally relatively secure.  But be very careful about persons who are not well known to you having easy access to your office environment.

Secure Storage and Transit

When portables are transported from one location to another they should ideally be kept with you or close to you at all times. If that is not possible, portables should be locked up in something else, and, to the degree possible, hidden or disguised.  For example, don't leave a portable in plain view on the seat of your car.  (It doesn’t take long to smash a car window.)  And consider forgoing that expensive laptop case in favor of something that disguises what you are carrying.

Protection with Locks and Alarms

If you must leave your computer unattended in an insecure place, you can still gain a measure of physical security. For larger portables, the cheapest option is a cable lock that secures your portable to an immovable object. Cables can be cut, but they will at least slow down a thief.

Another option is an alarm system. Wireless alarms use a transmitter kept with the owner and a receiver attached to the device. When the transmitter and receiver get too far apart -- say, because a thief is running away with the attached device -- the alarm sounds.

Protection with Tracking Systems

Portable computing devices can also have "tracking” software installed which will report the location of a missing device whenever it connects to the Internet. Some security software of this type also has the capability of erasing data on the device by remote command.

Protection with Labels and Engraving

Tamper-proof security labels and engraving are good options to promote the return of lost devices. Such permanent marking also makes the device difficult to resell, making it a less attractive target for theft.  Remember that even if you get your portable back in perfect working order, the security of the data on it may still have been compromised while it was “away.”  Always report the loss or theft of a computing or storage device containing sensitive information, even if it was only out of your control for a short time.

Protection with Passwords

Almost all portable computers, as well as storage devices such as USB keys, can be protected with a login password and/or a password-protected screensaver. If a biometric authenticator (e.g., fingerprint recognition pad) can be installed, that's even better.

Protection with Encryption

Many portable devices--from laptops to smart phones to USB keys-- allow protection of some or all individual files and directories with encryption. If the capability is not built into the device's operating system it can usually be added via supplemental software.

Communications Security

Portable computing devices are often connected wirelessly to local networks and other devices. It is critical that you take steps to secure any Wi-Fi and Bluetooth wireless connections for the device. In addition, portable computing devices accessing sensitive data may need to use available capabilities for secure end-to-end communications, such as a virtual private network (VPN).

Minimizing Sensitive Data Storage

Whenever possible, avoid putting sensitive information on portable devices, particularly those that are likely to leave the office. If you cannot avoid it, try to keep the amount to a minimum. If you need access to sensitive data from your portable computing device, consider keeping the data on a secure computer or server and then accessing it via secure communications links such as VPN.  It is also critical to have backup copies of all the important data on a portable—kept in a separate place.  It's a good idea for any computer, but it's particularly important with portables. Whatever backup option you choose, you'll also need to pay attention to security for your backup copies.

Secure Disposal

When a portable computing or storage device reaches the end of its productive life it is critical that you take steps to clean it of any sensitive information before donation or disposal. This isn't always as easy as you might think. It is rarely if ever sufficient to simply delete data files or reformat file directories. Most digital media will retain traces of erased data, some of which can be easily recovered.  CDs and DVDs should be destroyed. Hard drives and/or solid-state (flash) memory devices must be systematically over-written or physically destroyed.  If you don't understand the specifics of secure disposal, enlist the help of someone who does. Don't ever just throw a device in the trash or deliver it to an unsecure recycler!

Conclusion                                                               

This article has covered many security options for portable computing/data storage devices.   The more of them you use, the safer you'll be. The risks of a security breach include the cost of replacing the device itself, and the costs associated with loss or exposure of any critical data on it--which can be vastly more significant.

The rules for portable device safety are not difficult. Remembering to practice them can be hard because it often requires extra effort and attention, but it is well worth it. The basic rules include:

  • Keep all portable devices as physically secure as possible. With you, or nearby, is best.
  • Enable any technical security measures that are available (e.g., password protection, data encryption).
  • Minimize the amount of sensitive data on the device. Immediately report the loss/theft of any device containing sensitive data.
  • Keep a backup copy of any data on the device that would be difficult to replace.
  • Take appropriate steps for secure disposal when the device is no longer needed.